Hello community, here is the log from the commit of package dhcp for openSUSE:Factory checked in at 2012-08-08 21:53:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dhcp (Old) and /work/SRC/openSUSE:Factory/.dhcp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dhcp", Maintainer is "m...@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/dhcp/dhcp.changes 2012-04-17 07:44:38.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.dhcp.new/dhcp.changes 2012-08-08 21:53:28.000000000 +0200 @@ -1,0 +2,113 @@ +Wed Jul 25 18:13:59 UTC 2012 - m...@suse.com + +- Update to ISC dhcp-4.2.4-P1 release, providing following security + fixes (bnc#772924): + - Previously the server code was relaxed to allow packets with zero + length client ids to be processed. Under some situations use of + zero length client ids can cause the server to go into an infinite + loop. As such ids are not valid according to RFC 2132 section 9.14 + the server no longer accepts them. Client ids with a length of 1 + are also invalid but the server still accepts them in order to + minimize disruption. The restriction will likely be tightened in + the future to disallow ids with a length of 1. + Thanks to Markus Hietava of Codenomicon CROSS project for the + finding this issue and CERT-FI for vulnerability coordination. + [ISC-Bugs #29851] CVE: CVE-2012-3571 + - When attempting to convert a DUID from a client id option + into a hardware address handle unexpected client ids properly. + Thanks to Markus Hietava of Codenomicon CROSS project for the + finding this issue and CERT-FI for vulnerability coordination. + [ISC-Bugs #29852] CVE: CVE-2012-3570 + - A pair of memory leaks were found and fixed. Thanks to Glen + Eustace of Massey University, New Zealand for finding this issue. + [ISC-Bugs #30024] CVE: CVE-2012-3954 +- Moved lease file check to a separate action so it is not used in + restart -- it can fail when the daemon rewrites the lease causing + a restart failure then (bnc#762108 regression). +- Request dhcp6.sntp-servers in /etc/dhclient6.conf and forward to + netconfig for processing (bnc#770236). +- Removed RFC 4833 TZ options from client requests [unused]. + +------------------------------------------------------------------- +Tue Jun 19 06:40:03 UTC 2012 - m...@suse.com + +- Update to ISC dhcp-4.2.4 release, fixing a dhcpv6 server assert + crash while accessing lease on heap (bnc#767661) and providing + the following fixes: + - Rotate the lease file when running in v6 mode. + Thanks to Christoph Moench-Tegeder at Astaro for the + report and the first version of the patch. [ISC-Bugs #24887] + - Fixed the code that checks if an address the server is planning + to hand out is in a reserved range. This would appear as the + server being out of addresses in pools with particular ranges. + [ISC-Bugs #26498] + - In the DDNS code handle error conditions more gracefully and + add more logging code. The major change is to handle unexpected + cancel events from the DNS client code. [ISC-Bugs #26287] + - Tidy up the receive calls and eliminate the need for found_pkt. + [ISC-Bugs #25066] + - Add support for Infiniband over sockets to the server and + relay code. We've tested this on Solaris and hope to expand + support for Infiniband in the future. This patch also corrects + some issues we found in the socket code. [ISC-Bugs #24245] + - Add a compile time check for the presence of the noreturn attribute + and use it for log_fatal if it's available. This will help code + checking programs to eliminate false positives. [ISC-Bugs #27539] + - Fixed many compilation problems ("set, but not used" warnings) for + gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588] + - Modify the code that determines if an outstanding DDNS request + should be cancelled. This patch results in cancelling the + outstanding request less often. It fixes the problem caused + by a client doing a release where the TXT and PTR records + weren't removed from the DNS. [ISC-BUGS #27858] + - Use offsetof() instead of sizeof() to get the sizes for + dhcpv6_relay_packet and dhcpv6_packet in several more places. + Thanks to a report from Bruno Verstuyft and Vincent Demaertelaere + of Excentis. [ISC-Bugs #27941] + - Remove outdated note in the description of the bootp keyword about + the option not satisfying the requirement of failover peers for + denying dynamic bootp clients. [ISC-bugs #28574] + - Multiple items to clean up IPv6 address processing. When processing + an IA that we've seen check to see if the addresses are usable + (not in use by somebody else) before handing it out. + When reading in leases from the file discard expired addresses. + When picking an address for a client include the IA ID in + addition to the client ID to generally pick different addresses + for different IAs. [ISC-Bugs #23138] [ISC-Bugs #27945] + [ISC-Bugs #25586] [ISC-Bugs #27684] + - Remove unnecessary checks in the lease query code and clean up + several compiler issues (some dereferences of NULL and treating + an int as a boolean). [ISC-Bugs #26203] + - Fix the NA and PD allocation code to handle the case where a client + provides a preference and the server doesn't have any addresses or + prefixes available. Previoulsy the server ignored the request with + this patch it replies with a NoAddrsAvail or NoPrefixAvail response. + By default the code performs according to the errata of August 2010 + for RFC 3315 section 17.2.2; to enable the previous style see the + section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. + This option may be removed in the future. Thanks to Jiri Popelka at + Red Hat for the patch. [ISC-Bugs #22676] + - Fix up some issues found by static analysis. A potential memory leak + and NULL dereference in omapi. The use of a boolean test instead of + a bitwise test in dst. [ISC-Bugs #28941] +- Replaced our patches with a complete and upstream verified patch: + - Fix some issues in the code for parsing and printing options. + [ISC-Bugs #27314] - properly parse a zero length option from + a lease file. + [ISC-Bugs #22796] - properly determine if we parsed a 16 or + 32 bit value in evaluate_numeric_expression (extract-int). + [ISC-Bugs #22625] - properly print options that have several + fields followed by an array of something for example "fIa" + [ISC-Bugs #27289] - properly parse options in declarations + that have several fields followed by an array of something + for example "fIa" + This patch obsoletes the following (bnc#739696) patches: + - dhclient: parse_option_param: Bad format a + - zero-length option lease parse error in dhclient6 +- Merged ldap and options check patches for the new version +- Fixed dhcp-server init script to check syntax and fail while + force-reload and restart to avoid stopping of running daemon + followed by start failure (bnc#762108). Added libgcc_s.so to + chroot, so the server can report assert/crash line. + +------------------------------------------------------------------- Old: ---- dhcp-4.2.2-dhclient-option-checks.bnc675052.diff dhcp-4.2.3-P1-dhclient-option_param-a.diff dhcp-4.2.3-P1-dhclient-zero-length-options.patch dhcp-4.2.3-P1-ldap-patch-mt01.diff.bz2 dhcp-4.2.3-P2-ldap-filter-value-escape.patch dhcp-4.2.3-P2.tar.bz2 New: ---- dhcp-4.2.4-P1.tar.bz2 dhcp-4.2.4-dhclient-option-checks.bnc675052.diff dhcp-4.2.4-ldap-patch-mt01.patch.bz2 dhcp-4.2.4-parsing-and-printing-options.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dhcp.spec ++++++ --- /var/tmp/diff_new_pack.BWcpGv/_old 2012-08-08 21:53:34.000000000 +0200 +++ /var/tmp/diff_new_pack.BWcpGv/_new 2012-08-08 21:53:34.000000000 +0200 @@ -16,7 +16,7 @@ # -%define isc_version 4.2.3-P2 +%define isc_version 4.2.4-P1 %define susefw2dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define omc_prefix /usr/share/omc %define omc_svcdir %{omc_prefix}/svcinfo.d @@ -36,7 +36,7 @@ %endif BuildRequires: dos2unix BuildRequires: libtool -Version: 4.2.3.P2 +Version: 4.2.4.P1 Release: 0.<RELEASE0> Summary: Common Files Used by ISC DHCP Software License: BSD-3-Clause @@ -80,16 +80,14 @@ Patch20: dhcp-4.1.1-dhclient-exec-filedes.diff Patch21: dhcp-4.2.2-dhclient-send-hostname-rml.diff ## patch repo lives here: http://www.suse.de/~mt/git/dhcp-ldap.git/ -Patch30: dhcp-4.2.3-P1-ldap-patch-mt01.diff.bz2 -Patch31: dhcp-4.2.3-P2-ldap-filter-value-escape.patch +Patch30: dhcp-4.2.4-ldap-patch-mt01.patch.bz2 Patch40: dhcp-4.1.1-P1-lpf-bind-msg-fix.diff Patch44: dhcp-4.2.2-xen-checksum.diff -Patch45: dhcp-4.2.2-dhclient-option-checks.bnc675052.diff +Patch45: dhcp-4.2.4-dhclient-option-checks.bnc675052.diff Patch46: dhcp-4.2.2-close-on-exec.diff Patch47: dhcp-4.2.2-quiet-dhclient.bnc711420.diff -Patch48: dhcp-4.2.3-P1-dhclient-option_param-a.diff -Patch49: dhcp-4.2.3-P1-dhclient-log-pid.diff -Patch50: dhcp-4.2.3-P1-dhclient-zero-length-options.patch +Patch48: dhcp-4.2.3-P1-dhclient-log-pid.diff +Patch49: dhcp-4.2.4-parsing-and-printing-options.patch ## PreReq: /bin/touch /sbin/chkconfig sysconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -209,7 +207,6 @@ %patch21 -p1 %if %{with_ldap} %patch30 -p1 -%patch31 -p1 %endif %patch40 -p1 %patch44 -p1 @@ -218,7 +215,6 @@ %patch47 -p1 %patch48 -p1 %patch49 -p1 -%patch50 -p1 ## find . -type f -name \*.cat\* -exec rm -f {} \; dos2unix contrib/ms2isc/* ++++++ dhclient-script ++++++ --- /var/tmp/diff_new_pack.BWcpGv/_old 2012-08-08 21:53:34.000000000 +0200 +++ /var/tmp/diff_new_pack.BWcpGv/_new 2012-08-08 21:53:34.000000000 +0200 @@ -68,6 +68,9 @@ (new_dhcp6_server_id) k='DHCP6SID' ;; (new_dhcp6_domain_search) k='DNSSEARCH' ;; (new_dhcp6_name_servers) k='DNSSERVERS' ;; + (new_dhcp6_sntp_servers) k='NTPSERVERS' ;; + #(new_dhcp6_nis_domain) k='NISDOMAIN' ;; + #(new_dhcp6_nis_servers) k='NISSERVERS' ;; (*) k="dhclient6_${v#new_}" ;; esac ;; ++++++ dhclient.conf ++++++ --- /var/tmp/diff_new_pack.BWcpGv/_old 2012-08-08 21:53:34.000000000 +0200 +++ /var/tmp/diff_new_pack.BWcpGv/_new 2012-08-08 21:53:34.000000000 +0200 @@ -45,8 +45,8 @@ domain-name-servers, nis-domain, nis-servers, nds-context, nds-servers, nds-tree-name, netbios-name-servers, netbios-dd-server, - netbios-node-type, netbios-scope, ntp-servers, - rfc4833-tz-posix-string, rfc4833-tz-name; + netbios-node-type, netbios-scope, ntp-servers; +# rfc4833-tz-posix-string, rfc4833-tz-name; # We request above options, require only the IP configuration: require subnet-mask; ++++++ dhclient6.conf ++++++ --- /var/tmp/diff_new_pack.BWcpGv/_old 2012-08-08 21:53:34.000000000 +0200 +++ /var/tmp/diff_new_pack.BWcpGv/_new 2012-08-08 21:53:34.000000000 +0200 @@ -1,13 +1,22 @@ # Client configuration file example for DHCPv6 +# Define RFC 4833 timezone options: option dhcp6.rfc4833-tz-posix-string code 41 = string; option dhcp6.rfc4833-tz-name code 42 = string; +# You may add the options you've declared now to the request, +# but it is still needed to use them in a netconfig module or +# dhclient-script. I didn't found the time to implement it +# yet -- feel free to provide a module / patch. +# dhcp6.rfc4833-tz-posix-string, dhcp6.rfc4833-tz-name; # The client side command to enable rapid-commit (2 packet exchange) send dhcp6.rapid-commit; -# name-servers and domain-search are requested by default. -# here is the way to request sip-servers-addresses too -also request dhcp6.sip-servers-addresses, - dhcp6.rfc4833-tz-posix-string, dhcp6.rfc4833-tz-name; +# The name-servers and domain-search are requested by default. +# +# We request also sntp-servers, see dhcp-options(5) for more, +# but make sure, the underlying software using it supports IPv6 +# (e.g. ypbind <= 1.35 doesn't, don't add nis-servers/domain!) +# +also request dhcp6.sntp-servers; ++++++ dhcp-4.2.3-P2.tar.bz2 -> dhcp-4.2.4-P1.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/dhcp/dhcp-4.2.3-P2.tar.bz2 /work/SRC/openSUSE:Factory/.dhcp.new/dhcp-4.2.4-P1.tar.bz2 differ: char 11, line 1 ++++++ dhcp-4.2.2-dhclient-option-checks.bnc675052.diff -> dhcp-4.2.4-dhclient-option-checks.bnc675052.diff ++++++ --- /work/SRC/openSUSE:Factory/dhcp/dhcp-4.2.2-dhclient-option-checks.bnc675052.diff 2011-09-23 01:55:05.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.dhcp.new/dhcp-4.2.4-dhclient-option-checks.bnc675052.diff 2012-08-08 21:53:28.000000000 +0200 @@ -1,8 +1,8 @@ diff --git a/client/dhclient.c b/client/dhclient.c -index 9fd7ccc..82c26bb 100644 +index 1afccd5..37ec809 100644 --- a/client/dhclient.c +++ b/client/dhclient.c -@@ -3251,7 +3251,7 @@ void script_write_params (client, prefix, lease) +@@ -3275,7 +3275,7 @@ void script_write_params (client, prefix, lease) } else { log_error("suspect value in %s " "option - discarded", @@ -11,7 +11,7 @@ } } -@@ -3264,7 +3264,7 @@ void script_write_params (client, prefix, lease) +@@ -3288,7 +3288,7 @@ void script_write_params (client, prefix, lease) } else { log_error("suspect value in %s " "option - discarded", @@ -19,8 +19,8 @@ + "server-name"); } } - -@@ -4193,7 +4193,7 @@ static int check_domain_name(const char *ptr, size_t len, int dots) + +@@ -4216,7 +4216,7 @@ static int check_domain_name(const char *ptr, size_t len, int dots) const char *p; /* not empty or complete length not over 255 characters */ @@ -30,10 +30,10 @@ /* consists of [[:alnum:]-]+ labels separated by [.] */ diff --git a/common/options.c b/common/options.c -index 80fd8db..6b95f3b 100644 +index e485222..bc9bb97 100644 --- a/common/options.c +++ b/common/options.c -@@ -3916,7 +3916,7 @@ pretty_escape(char **dst, char *dend, const unsigned char **src, +@@ -3918,7 +3918,7 @@ pretty_escape(char **dst, char *dend, const unsigned char **src, } } else if (**src == '"' || **src == '\'' || **src == '$' || **src == '`' || **src == '\\' || **src == '|' || @@ -42,6 +42,3 @@ if (*dst + 2 > dend) return -1; --- -1.7.3.4 - ++++++ dhcp-4.2.4-ldap-patch-mt01.patch.bz2 ++++++ ++++ 1269 lines (skipped) ++++++ dhcp-4.2.4-parsing-and-printing-options.patch ++++++ >From 29c3de8d0973c66c9c8261c0f3d0deeccfd29994 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski <m...@suse.de> Date: Tue, 12 Jun 2012 10:01:10 +0200 Subject: [PATCH] dhcp-4.2.4-parsing-and-printing-options - Fix some issues in the code for parsing and printing options. [ISC-Bugs #27314] - properly parse a zero length option from a lease file. [ISC-Bugs #22796] - properly determine if we parsed a 16 or 32 bit value in evaluate_numeric_expression (extract-int). [ISC-Bugs #22625] - properly print options that have several fields followed by an array of something for example "fIa" [ISC-Bugs #27289] - properly parse options in declarations that have several fields followed by an array of something for example "fIa" This patch obsoletes the following (bnc#739696) patches: - dhclient: parse_option_param: Bad format a [complete, upstream corrected version] - zero-length option lease parse error in dhclient6 [upstream accepted variant] - properly determine if we parsed a 16 or 32 bit value [additional upstream patch] --- client/dhclient.c | 19 +++++++++++++--- common/options.c | 60 +++++++++++++++++++++++++++++++++++++++++++++------- common/parse.c | 23 ++++++++++++++++--- common/tables.c | 7 +++-- common/tree.c | 35 ++++++++++++++++++++---------- 5 files changed, 113 insertions(+), 31 deletions(-) diff --git a/client/dhclient.c b/client/dhclient.c index f920c64..025337a 100644 --- a/client/dhclient.c +++ b/client/dhclient.c @@ -2793,10 +2793,21 @@ void write_lease_option (struct option_cache *oc, } if (evaluate_option_cache (&ds, packet, lease, client_state, in_options, cfg_options, scope, oc, MDL)) { - fprintf(leaseFile, "%soption %s%s%s %s;\n", preamble, - name, dot, oc->option->name, - pretty_print_option(oc->option, ds.data, ds.len, - 1, 1)); + /* The option name */ + fprintf(leaseFile, "%soption %s%s%s", preamble, + name, dot, oc->option->name); + + /* The option value if there is one */ + if ((oc->option->format == NULL) || + (oc->option->format[0] != 'Z')) { + fprintf(leaseFile, " %s", + pretty_print_option(oc->option, ds.data, + ds.len, 1, 1)); + } + + /* The closing semi-colon and newline */ + fprintf(leaseFile, ";\n"); + data_string_forget (&ds, MDL); } } diff --git a/common/options.c b/common/options.c index bc9bb97..fa27688 100644 --- a/common/options.c +++ b/common/options.c @@ -1683,6 +1683,8 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes) const unsigned char *dp = data; char comma; unsigned long tval; + isc_boolean_t a_array = ISC_FALSE; + int len_used; if (emit_commas) comma = ','; @@ -1707,6 +1709,8 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes) fmtbuf [l] = option -> format [i]; switch (option -> format [i]) { case 'a': + a_array = ISC_TRUE; + /* Fall through */ case 'A': --numelem; fmtbuf [l] = 0; @@ -1735,6 +1739,8 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes) hunksize++; comma = ':'; numhunk = 0; + a_array = ISC_TRUE; + hunkinc = 1; } fmtbuf [l + 1] = 0; break; @@ -1828,13 +1834,34 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes) len - hunksize); /* If this is an array, compute its size. */ - if (!numhunk) - numhunk = len / hunksize; - /* See if we got an exact number of hunks. */ - if (numhunk > 0 && numhunk * hunksize < len) - log_error ("%s: %d extra bytes at end of array\n", - option -> name, - len - numhunk * hunksize); + if (numhunk == 0) { + if (a_array == ISC_TRUE) { + /* + * It is an 'a' type array - we repeat the + * last format type. A binary string for 'X' + * is also like this. hunkinc is the size + * of the last format type and we add 1 to + * cover the entire first record. + */ + numhunk = ((len - hunksize) / hunkinc) + 1; + len_used = hunksize + ((numhunk - 1) * hunkinc); + } else { + /* + * It is an 'A' type array - we repeat the + * entire record + */ + numhunk = len / hunksize; + len_used = numhunk * hunksize; + } + + /* See if we got an exact number of hunks. */ + if (len_used < len) { + log_error ("%s: %d extra bytes at end of array\n", + option -> name, + len - len_used); + } + } + /* A one-hunk array prints the same as a single hunk. */ if (numhunk < 0) @@ -1842,7 +1869,24 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes) /* Cycle through the array (or hunk) printing the data. */ for (i = 0; i < numhunk; i++) { - for (j = 0; j < numelem; j++) { + if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) { + /* + * For 'a' type of arrays we repeat + * only the last format character + * We should never hit the case of numelem == 0 + * but let's include the check to be safe. + */ + j = numelem - 1; + } else { + /* + * for other types of arrays or the first + * time through for 'a' types, we go through + * the entire set of format characters. + */ + j = 0; + } + + for (; j < numelem; j++) { switch (fmtbuf [j]) { case 't': /* endbuf-1 leaves room for NULL. */ diff --git a/common/parse.c b/common/parse.c index 434085a..f72c0d6 100644 --- a/common/parse.c +++ b/common/parse.c @@ -5518,11 +5518,26 @@ int parse_option_decl (oc, cfile) if (status != ISC_R_SUCCESS || option == NULL) return 0; + fmt = option->format; + /* Parse the option data... */ do { - for (fmt = option -> format; *fmt; fmt++) { - if (*fmt == 'A') + for (; *fmt; fmt++) { + if (*fmt == 'A') { + /* 'A' is an array of records, start at + * the beginning + */ + fmt = option->format; + break; + } + + if (*fmt == 'a') { + /* 'a' is an array of the last field, + * back up one format character + */ + fmt--; break; + } if (*fmt == 'o' && fmt != option -> format) continue; switch (*fmt) { @@ -5718,7 +5733,7 @@ int parse_option_decl (oc, cfile) goto alloc; case 'Z': /* Zero-length option */ - token = next_token(&val, (unsigned *)0, cfile); + token = peek_token(&val, (unsigned *)0, cfile); if (token != SEMI) { parse_warn(cfile, "semicolon expected."); @@ -5735,7 +5750,7 @@ int parse_option_decl (oc, cfile) } } token = next_token (&val, (unsigned *)0, cfile); - } while (*fmt == 'A' && token == COMMA); + } while (*fmt && token == COMMA); if (token != SEMI) { parse_warn (cfile, "semicolon expected."); diff --git a/common/tables.c b/common/tables.c index c820d83..d224dc1 100644 --- a/common/tables.c +++ b/common/tables.c @@ -64,9 +64,10 @@ HASH_FUNCTIONS (option_code, const unsigned *, struct option, some event. The special all-ones value means 'infinite'. May either be printed as a decimal, eg, "3600", or as this name, eg, "infinite". f - flag (true or false) - A - array of whatever precedes (e.g., IA means array of IP addresses) - a - array of the preceding character (e.g., IIa means two or more IP - addresses) + A - array of all that precedes (e.g., fIA means array of records of + a flag and an IP address) + a - array of the preceding character (e.g., fIa means a single flag + followed by an array of IP addresses) U - name of an option space (universe) F - implicit flag - the presence of the option indicates that the flag is true. diff --git a/common/tree.c b/common/tree.c index 3c978b0..7754398 100644 --- a/common/tree.c +++ b/common/tree.c @@ -2409,6 +2409,7 @@ int evaluate_numeric_expression (result, packet, lease, client_state, struct binding *binding; struct binding_value *bv; unsigned long ileft, iright; + int rc = 0; switch (expr -> op) { case expr_check: @@ -2477,32 +2478,42 @@ int evaluate_numeric_expression (result, packet, lease, client_state, status = (evaluate_data_expression (&data, packet, lease, client_state, in_options, cfg_options, scope, expr -> data.extract_int, MDL)); - if (status && data.len >= 2) + if (status && data.len >= 2) { *result = getUShort (data.data); + rc = 1; + } #if defined (DEBUG_EXPRESSIONS) - log_debug ("num: extract_int16 (%s) = %ld", - ((status && data.len >= 2) ? - print_hex_1 (data.len, data.data, 60) : "NULL"), - *result); + if (rc == 1) { + log_debug ("num: extract_int16 (%s) = %ld", + print_hex_1(data.len, data.data, 60) + *result); + } else { + log_debug ("num: extract_int16 (NULL) = NULL"); + } #endif if (status) data_string_forget (&data, MDL); - return (status && data.len >= 2); + return (rc); case expr_extract_int32: memset (&data, 0, sizeof data); status = (evaluate_data_expression (&data, packet, lease, client_state, in_options, cfg_options, scope, expr -> data.extract_int, MDL)); - if (status && data.len >= 4) + if (status && data.len >= 4) { *result = getULong (data.data); + rc = 1; + } #if defined (DEBUG_EXPRESSIONS) - log_debug ("num: extract_int32 (%s) = %ld", - ((status && data.len >= 4) ? - print_hex_1 (data.len, data.data, 60) : "NULL"), - *result); + if (rc == 1) { + log_debug ("num: extract_int32 (%s) = %ld", + print_hex_1 (data.len, data.data, 60), + *result); + } else { + log_debug ("num: extract_int32 (NULL) = NULL"); + } #endif if (status) data_string_forget (&data, MDL); - return (status && data.len >= 4); + return (rc); case expr_const_int: *result = expr -> data.const_int; -- 1.7.7 ++++++ rc.dhcpd ++++++ --- /var/tmp/diff_new_pack.BWcpGv/_old 2012-08-08 21:53:34.000000000 +0200 +++ /var/tmp/diff_new_pack.BWcpGv/_new 2012-08-08 21:53:34.000000000 +0200 @@ -221,7 +221,7 @@ get_ldd_deps() { :; } fi cplibs=`for i in /$libdir/{libresolv.so.*,libnss_*.so.*} \ - /$libdir/{libpthread.so.0,libdl.so.2} ; + /$libdir/{libpthread.so.0,libdl.so.2,libgcc_s.so.*} ; do if [ -s "$i" ] ; then echo "$i" @@ -352,26 +352,35 @@ rc_status ;; restart) - ## Stop the service and regardless of whether it was - ## running or not, start it again. - $0 stop - sleep 3 - $0 start - - # Remember status and be quiet - rc_status + ## Check syntax and when it is OK, stop the service + ## and regardless of whether it was running or not, + ## start it again. + if ! $0 check-syntax &>/dev/null ; then + echo -n "Syntax check reports errors, see log messages" + rc_failed + rc_status -v + else + $0 stop + sleep 3 + $0 start + # Remember status and be quiet + rc_status + fi ;; force-reload) ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). ## If it does not support it, restart. - echo -n "Reload service $DAEMON" - if [ "$SUPPORTS_HUP" = "yes" ]; then + echo -n "Reload service $DAEMON" killproc -p $DAEMON_STATE/$DAEMON_PIDFILE -HUP $DAEMON_BIN #touch $DAEMON_STATE/$DAEMON_PIDFILE rc_status -v + elif ! $0 check-syntax &>/dev/null ; then + echo -n "Syntax check reports errors, see log messages" + rc_failed + rc_status -v else $0 stop && sleep 3 && $0 start rc_status @@ -419,31 +428,39 @@ test $rc = 1 && echo restart ;; check-syntax|syntax-check) - echo "Checking syntax of $DAEMON_CONF: " + echo -n "Checking syntax of $DAEMON_CONF: " ## this nice bit is from Edwin Groothuis: ## check syntax (quiet) $DAEMON_BIN $DHCPDv_OPT -q -t -cf $DAEMON_CONF - if ! [ $? -eq 0 ]; then + rc_status + if [ $? -ne 0 ]; then + echo "" ## check syntax (verbose) $DAEMON_BIN $DHCPDv_OPT -t -cf $DAEMON_CONF - echo -e '\nConfig is NOT okay\n' - else - echo 'Config is okay. Hope you also specified existent network devices ;) ' + echo -ne '\nConfig is NOT okay' + rc_failed + fi + rc_status -v + ;; + check-lease|check-lease-file) + echo -n "Checking lease file $DAEMON_LEASES: " - ## in v3, lease file checking is also implemented - if [ $DAEMON_BIN != "/usr/sbin/dhcpd-2" ]; then - ## check leases file (quiet) - $DAEMON_BIN $DHCPDv_OPT -q -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES - if ! [ $? -eq 0 ]; then - ## check leases file (verbose) - $DAEMON_BIN $DHCPDv_OPT -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES - echo -e '\nLease file is NOT okay' - else - echo 'Lease file is okay' - fi + if [ -s ${DAEMON_STATE}/db/$DAEMON_LEASES ] ; then + ## check leases file (quiet) + $DAEMON_BIN $DHCPDv_OPT -q -T -cf /dev/null -lf ${DAEMON_STATE}/db/$DAEMON_LEASES + rc_status + if [ $? -ne 0 ]; then + echo "" + ## check leases file (verbose) + $DAEMON_BIN $DHCPDv_OPT -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES + echo -ne '\nLease file is NOT okay' + rc_failed fi + else + rc_status -u fi + rc_status -v ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe|check-syntax} [-v]" ++++++ rc.dhcpd6 ++++++ --- /var/tmp/diff_new_pack.BWcpGv/_old 2012-08-08 21:53:34.000000000 +0200 +++ /var/tmp/diff_new_pack.BWcpGv/_new 2012-08-08 21:53:34.000000000 +0200 @@ -224,7 +224,7 @@ get_ldd_deps() { :; } fi cplibs=`for i in /$libdir/{libresolv.so.*,libnss_*.so.*} \ - /$libdir/{libpthread.so.0,libdl.so.2} ; + /$libdir/{libpthread.so.0,libdl.so.2,libgcc_s.so.*} ; do if [ -s "$i" ] ; then echo "$i" @@ -355,26 +355,35 @@ rc_status ;; restart) - ## Stop the service and regardless of whether it was - ## running or not, start it again. - $0 stop - sleep 3 - $0 start - - # Remember status and be quiet - rc_status + ## Check syntax and when it is OK, stop the service + ## and regardless of whether it was running or not, + ## start it again. + if ! $0 check-syntax &>/dev/null ; then + echo -n "Syntax check reports errors, see log messages" + rc_failed + rc_status -v + else + $0 stop + sleep 3 + $0 start + # Remember status and be quiet + rc_status + fi ;; force-reload) ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). ## If it does not support it, restart. - echo -n "Reload service $DAEMON" - if [ "$SUPPORTS_HUP" = "yes" ]; then + echo -n "Reload service $DAEMON" killproc -p $DAEMON_STATE/$DAEMON_PIDFILE -HUP $DAEMON_BIN #touch $DAEMON_STATE/$DAEMON_PIDFILE rc_status -v + elif ! $0 check-syntax &>/dev/null ; then + echo -n "Syntax check reports errors, see log messages" + rc_failed + rc_status -v else $0 stop && sleep 3 && $0 start rc_status @@ -422,31 +431,39 @@ test $rc = 1 && echo restart ;; check-syntax|syntax-check) - echo "Checking syntax of $DAEMON_CONF: " + echo -n "Checking syntax of $DAEMON_CONF: " ## this nice bit is from Edwin Groothuis: ## check syntax (quiet) $DAEMON_BIN $DHCPDv_OPT -q -t -cf $DAEMON_CONF - if ! [ $? -eq 0 ]; then + rc_status + if [ $? -ne 0 ]; then + echo "" ## check syntax (verbose) $DAEMON_BIN $DHCPDv_OPT -t -cf $DAEMON_CONF - echo -e '\nConfig is NOT okay\n' - else - echo 'Config is okay. Hope you also specified existent network devices ;) ' + echo -ne '\nConfig is NOT okay' + rc_failed + fi + rc_status -v + ;; + check-lease|check-lease-file) + echo -n "Checking lease file $DAEMON_LEASES: " - ## in v3, lease file checking is also implemented - if [ $DAEMON_BIN != "/usr/sbin/dhcpd-2" ]; then - ## check leases file (quiet) - $DAEMON_BIN $DHCPDv_OPT -q -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES - if ! [ $? -eq 0 ]; then - ## check leases file (verbose) - $DAEMON_BIN $DHCPDv_OPT -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES - echo -e '\nLease file is NOT okay' - else - echo 'Lease file is okay' - fi + if [ -s ${DAEMON_STATE}/db/$DAEMON_LEASES ] ; then + ## check leases file (quiet) + $DAEMON_BIN $DHCPDv_OPT -q -T -cf /dev/null -lf ${DAEMON_STATE}/db/$DAEMON_LEASES + rc_status + if [ $? -ne 0 ]; then + echo "" + ## check leases file (verbose) + $DAEMON_BIN $DHCPDv_OPT -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES + echo -ne '\nLease file is NOT okay' + rc_failed fi + else + rc_status -u fi + rc_status -v ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe|check-syntax} [-v]" -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org